Re: Lost all network connectivity after clean FC3 install

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Salvatore Indiogine wrote:
--- Paul Howarth <paul@xxxxxxxxxxxx> ha scritto:

$ dig @68.112.12.36 www.cnn.com


connection timed out; no servers could be reached

If this works on the machine connected to the cable
modem then it suggests


This is actually on the client PC (FC1
eth0=192.168.0.50/255.255.255.0 GW=192.168.0.1)
connected with a crossover cable to the eth1 of the
FC3 PC connected to the cable modem.

On 192.168.0.1 I get:

dig @68.112.12.36 www.cnn.com

; <<>> DiG 9.2.4 <<>> @68.112.12.36 www.cnn.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:
53693
;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 4,
ADDITIONAL: 0

;; QUESTION SECTION:
;www.cnn.com.                   IN      A

;; ANSWER SECTION:
www.cnn.com.            88      IN      CNAME  cnn.com.
cnn.com.                88      IN      A      64.236.16.116
cnn.com.                88      IN      A      64.236.24.4
cnn.com.                88      IN      A      64.236.24.12
cnn.com.                88      IN      A      64.236.24.20
cnn.com.                88      IN      A      64.236.24.28
cnn.com.                88      IN      A      64.236.16.20
cnn.com.                88      IN      A      64.236.16.52
cnn.com.                88      IN      A      64.236.16.84

;; AUTHORITY SECTION:
cnn.com.                452     IN      NS     twdns-01.ns.aol.com.
cnn.com.                452     IN      NS     twdns-02.ns.aol.com.
cnn.com.                452     IN      NS     twdns-03.ns.aol.com.
cnn.com.                452     IN      NS     twdns-04.ns.aol.com.

;; Query time: 73 msec
;; SERVER: 68.112.12.36#53(68.112.12.36)
;; WHEN: Thu Dec  9 11:25:29 2004
;; MSG SIZE  rcvd: 270

That looks OK, which again points the finger at the packet forwarding.

that your packet forwarding rules are broken. What's
the output of:

# iptables -n -L

on the machine connected to the cable modem?

iptables -n -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:6881:6889 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  0.0.0.0/0           0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0       icmp type 255
ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
ACCEPT     udp  --  0.0.0.0/0            224.0.0.251     udp dpt:5353
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0       udp dpt:631
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0       state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0       state NEW tcp dpt:22
REJECT     all  --  0.0.0.0/0            0.0.0.0/0       reject-with icmp-host-prohibited

Interesting; the first rule in the RH-Firewall-1-INPUT chain would appear to be accepting any packet, thus rendering the remaining rules irrelevant. However, I'm not an iptables expert and I don't use Red Hat's firewall utility, so maybe I'm misinterpreting that.


What do you get from:

# iptables -L -n -t nat

Paul.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux